Q

How do IP spoofing and session hijacking work?

How does IP spoofing work? I understand that an IP-spoofer must interrupt the connection between two hosts. What...

kind of program would he use to jump into the conversation before the other person noticed something was wrong? It's the timing that I can't figure out. Can this be done over the Internet, or must the spoofer have a packet sniffer and be on the same segment of cable?

You are apparently confusing IP spoofing with session hijacking.

IP spoofing is simply forging the IP addresses in an IP packet. This is used in many types of "attacks" including session hijacking. It is also often used to fake the e-mail headers of SPAM so they cannot be properly traced.

Session hijacking occurs at the TCP level. According to Internet Security Systems, "TCP session hijacking is when a hacker takes over a TCP session between two machines. Since most authentication only occurs at the start of a TCP session, this allows the hacker to gain access to a machine."

For more information on session hijacking and other TCP Exploits, please visit Internet Security Systems. The definition I quoted above came from that page, and there are references to other papers, including one that explains IP spoofing.

As for how and where it can be done, if your connections are vulnerable, it can be done over the Internet. The attacker does not need to be directly in your path, though that does simplify things.

More on this topic

 

This was last published in August 2002

Dig Deeper on Application Attacks (Buffer Overflows, Cross-Site Scripting)

PRO+

Content

Find more PRO+ content and other member only offers, here.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

-ADS BY GOOGLE

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close